Resetting passwords can consume considerable managerial or administrator time. Password resetting becomes necessary when a user mistakenly enters his/her password incorrectly a predetermined number of times in succession or if the user cannot remember the password and requests a reset be performed. Automated techniques for resetting passwords are becoming commonplace. Example automated techniques including sending an email to the user with a reset link, or providing a set of personal questions to which the user has previously provided answers. If an email account is the service that the user is locked out of, the reset link can be sent to a secondary email address.
In an enterprise environment, a customer can have multiple individual users, each with his/her own username and password. Generally, an administrator is in charge of the account and would have access to a secondary email address, rather than each individual user. Resetting a password in an enterprise environment can be more difficult than with personal accounts. For example, enterprise resets through an email account might not be possible, as it is a customer account (including email) to which the user cannot access in the first place. Secondary email accounts also may be difficult for resets in the enterprise context, as it is the customer (i.e., an administrator) that has a secondary email address, rather than each individual user.
Better techniques for resetting enterprise passwords need to be developed.